From c5594623f963c36c0eda54c4286a030553dcdf31 Mon Sep 17 00:00:00 2001 From: markus Date: Wed, 22 Mar 2000 09:55:10 +0000 Subject: [PATCH] remove unused cipher_attack_detected code --- usr.bin/ssh/cipher.c | 16 +--------------- usr.bin/ssh/cipher.h | 8 +------- usr.bin/ssh/ssh.c | 5 +---- usr.bin/ssh/sshd.c | 5 +---- 4 files changed, 4 insertions(+), 30 deletions(-) diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c index 552bbe34d80..682a980175c 100644 --- a/usr.bin/ssh/cipher.c +++ b/usr.bin/ssh/cipher.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$Id: cipher.c,v 1.19 2000/02/22 15:19:29 markus Exp $"); +RCSID("$Id: cipher.c,v 1.20 2000/03/22 09:55:10 markus Exp $"); #include "ssh.h" #include "cipher.h" @@ -104,18 +104,6 @@ swap_bytes(const unsigned char *src, unsigned char *dst_, int n) } } -void (*cipher_attack_detected) (const char *fmt,...) = fatal; - -static inline void -detect_cbc_attack(const unsigned char *src, - unsigned int len) -{ - return; - - log("CRC-32 CBC insertion attack detected"); - cipher_attack_detected("CRC-32 CBC insertion attack detected"); -} - /* * Names of all encryption algorithms. * These must match the numbers defined in cipher.h. @@ -298,7 +286,6 @@ cipher_decrypt(CipherContext *context, unsigned char *dest, break; case SSH_CIPHER_3DES: - /* CRC-32 attack? */ SSH_3CBC_DECRYPT(context->u.des3.key1, context->u.des3.key2, &context->u.des3.iv2, context->u.des3.key3, &context->u.des3.iv3, @@ -306,7 +293,6 @@ cipher_decrypt(CipherContext *context, unsigned char *dest, break; case SSH_CIPHER_BLOWFISH: - detect_cbc_attack(src, len); swap_bytes(src, dest, len); BF_cbc_encrypt((void *) dest, dest, len, &context->u.bf.key, context->u.bf.iv, diff --git a/usr.bin/ssh/cipher.h b/usr.bin/ssh/cipher.h index 2e06c98f90e..a6f458a54de 100644 --- a/usr.bin/ssh/cipher.h +++ b/usr.bin/ssh/cipher.h @@ -11,7 +11,7 @@ * */ -/* RCSID("$Id: cipher.h,v 1.10 1999/11/24 19:53:46 markus Exp $"); */ +/* RCSID("$Id: cipher.h,v 1.11 2000/03/22 09:55:10 markus Exp $"); */ #ifndef CIPHER_H #define CIPHER_H @@ -88,10 +88,4 @@ void cipher_decrypt(CipherContext * context, unsigned char *dest, const unsigned char *src, unsigned int len); -/* - * If and CRC-32 attack is detected this function is called. Defaults to - * fatal, changed to packet_disconnect in sshd and ssh. - */ -extern void (*cipher_attack_detected) (const char *fmt, ...); - #endif /* CIPHER_H */ diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 957acc4dbd0..b847e73ff90 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -11,7 +11,7 @@ */ #include "includes.h" -RCSID("$Id: ssh.c,v 1.41 2000/02/28 19:51:58 markus Exp $"); +RCSID("$Id: ssh.c,v 1.42 2000/03/22 09:55:10 markus Exp $"); #include "xmalloc.h" #include "ssh.h" @@ -610,9 +610,6 @@ main(int ac, char **av) if (host_private_key_loaded) RSA_free(host_private_key); /* Destroys contents safely */ - /* Close connection cleanly after attack. */ - cipher_attack_detected = packet_disconnect; - /* Enable compression if requested. */ if (options.compression) { debug("Requesting compression at level %d.", options.compression_level); diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 676610ef726..ac8ea406b96 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -11,7 +11,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.92 2000/03/16 20:56:15 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.93 2000/03/22 09:55:10 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -512,9 +512,6 @@ main(int ac, char **av) unmounted if desired. */ chdir("/"); - /* Close connection cleanly after attack. */ - cipher_attack_detected = packet_disconnect; - /* Start listening for a socket, unless started from inetd. */ if (inetd_flag) { int s1, s2; -- 2.20.1